ARCHIVED - Government Response to the Seventh Report of the Standing Committee on Public Accounts: Large Information Technology Projects

This page has been archived.

The Government welcomes the opportunity to respond to the Seventh Report of the Standing Committee on Public Accounts in reference to Chapter 3 of the November 2006 Auditor General Report on large information technology projects.

The Government has taken note of the observations and recommendations in the Seventh Report and is firmly committed to acting upon the recommendations found therein. 

As noted in the Auditor General’s report, the management of IT projects is relatively new when compared to other management disciplines and organizations are still finding their way through it.

The action plan to improve project management is based on research into why projects fail.  It attempts to find the right balance between being overly prescriptive (to avoid becoming a cumbersome “web-of-rules”) and an over-reliance on guidance which by definition can be considered as optional.  The action plan is a combination of clarifying and strengthening the existing policies and guidance for the management of IT projects as well as the introduction of new requirements, such as independent reviews. 

Recommendation 1

The Treasury Board Secretariat provide a detailed action plan with specific target dates to the Public Accounts Committee by 30 September 2008 for the implementation of the Auditor General’s recommendations on large information technology projects.

The Government agrees and is pleased to provide the detailed action plan in the response that follows.

There are 7 key deliverables to achieve the commitments made in Chapter 3 of the November 2006 Auditor General Report: 

• Enhanced requirements for business cases including what must be considered in a business case and when they have to be updated will be completed by September 2008.  This will be reflected in a business case standard that will be complete by September 2008.
• Formalized requirements for scheduled standard independent reviews of large, complex projects were piloted in the spring of 2008.  Requirements will be finalized and an implementation plan will be completed by September 2008.
• Mandatory requirements for reporting the status of large projects have been defined and are now being piloted by key projects that are underway.  Completion is scheduled for September 2008.
• Mandatory requirements for other key project documents (i.e. Project Charter, Project Management Plan, Project Close-Out Reports, etc.) are being developed with the participation of departments.  Completion is planned for October 2008.
• The above mandatory requirements will be formally implemented as policy requirements via a directive that will be published by December 2008.  Many departments are participating in the development of these deliverables and have started complying with some of the proposals without waiting for formal implementation.
• Development of the supporting guidance and tools (known as the Enhanced Management Framework) to help departments and agencies understand and comply with these expectations is underway and will be on-going.
• Development programs to increase the number of project managers and the skills of existing government project managers are in the planning stage.  These will be on-going. 

Recommendation 2

The Treasury Board Secretariat ensure that all information technology projects have a detailed, complete, accurate, and up-to-date business case prior to being submitted to the Treasury Board for approval.

The Government agrees. 

Sound business cases are fundamental for departmental decision makers as well as Treasury Board ministers.  All IT-enabled investment projects are subject to business cases, not just those requiring Treasury Board approval. 

As noted in the response to Recommendation 1 above, business cases will have to comply with an enhanced business case standard that is being developed.  The standard is based on research of best practices in both the private and public sectors.

It will also be mandatory to update business cases at key points during the project.  The number and scheduling of the updates will depend on the risk and complexity of the project. 

Recommendation 3

The Treasury Board Secretariat require all new information technology project submissions to include an options analysis of the possibility of breaking large projects into smaller, more manageable projects.

The Government agrees. 

Previous experience with independent reviews has shown that they provide valuable insights into the projects.  Based on this experience, the government is implementing a formalized independent review program for large complex projects.  These reviews will include challenging the department on the size of the project, their capacity to manage the project and to implement the changes resulting from the project.  Departments will be required to share their reviews and their responses with Treasury Board Secretariat (TBS) officials when seeking project authorities from the Treasury Board.  

Recommendation 4

The Treasury Board Secretariat conduct an evaluation of the development and implementation of the Expenditure Management Information System, including the deficiencies in the business case identified by the Office of the Auditor General, and provide a report to the Public Accounts Committee on how it will apply lessons learned to the Enhanced Management Framework by 31 December 2008.

The Government agrees. 

In the last two years, the Expenditure Management Information System (EMIS) has undergone significant changes in technical design and project management and governance.  This new systems development effort began with a re-planning phase and resulted in the Budget Office Systems Renewal (BOSR) project.

In setting out the current BOSR project plan, the Treasury Board Secretariat took steps to avoid the major problem situations encountered in previous development efforts: project governance and management, risk management, change management and capacity building.  As a result of these efforts, an updated EMIS system was delivered in December 2007, on time and under budget, and was used by TBS and other federal organizations to prepare the 2008-09 Main Estimates.

Although refinement and enhancement of the new EMIS will continue through its first full year of implementation in the 2008-09 Budget and Estimates cycle, the BOSR project phase formally ended in March 2008.  Consistent with normal project management discipline, the Treasury Board Secretariat will undertake a structured “closing out” of BOSR by gathering lessons learned with stakeholders and documenting project performance metrics and baselines of expected outcomes.

The results of this review will inform a post implementation review of BOSR, as well as the consideration of future development phases of EMIS.  TBS also undertakes to provide this close‑out report to the Public Accounts Committee by 31 December 2008.

As this relates to the Enhanced Management Framework, harvesting the lessons learned from projects is essential for the on-going improvement to the guidance and tools provided to departments and agencies.  Project Close-Out is a standard part of the project management discipline and the requirement for Project Close-Out reports will be made mandatory for large projects and it will be also mandatory to file these reports with the Treasury Board Secretariat.  These reports and the on-going engagement of the project management community will contribute to the continued evolution of the guidance and support provided to departments and agencies. 

Recommendation 5

Public Works and Government Services Canada conduct a cost-benefit analysis of the continued use of the Secure Channel and provide it to the Public Accounts Committee by 31 December 2008.

The Government agrees in principle and recognizes the importance of a cost-benefit analysis for the Secure Channel.

The Secure Channel is the government's common information technology infrastructure which includes a variety of security services.  It provides Canadians and businesses with secure, responsive and private access to all federal government on-line programs and services. 

At the time of the OAG audit, a new business case proposing a financial sustainability model was in development.  The current Secure Channel contract approved in December 2006 is based on that business case which, upon contract approval, was finalized and formally submitted to TBS in March 2007.  Technology and security threats have changed since the initial implementation.  TBS and Public Works and Government Services Canada (PWGSC) are therefore reviewing the March 2007 business case in light of the evolving security and privacy requirements of the Government of Canada. In particular, there is a need to introduce a wider range of security levels that are better adapted to individual departments’ programs and services and continues to protect Canadians.

Should a continued common security service solution still be required in January 2010, the Government of Canada will develop a business case that includes an analysis of costs and benefits and a confirmation of the Government's commitment to use these services. This new business case would be presented to the Standing Committee on Public Accounts by December 31, 2008.

Recommendation 6

Should the Secure Channel be continued, Public Works and Government Services Canada provide meaningful results-based information in its annual departmental performance report on the Secure Channel, including information on how many transactions it processes, the number of departments using it, its percent capacity use and per transaction cost.

The Government agrees that this information is important and agrees to provide it to the Committee.

It should be noted that PWGSC provides the government-wide infrastructure for the Secure Channel while specific program transactions enabled by the Secure Channel are the responsibility of the individual departments with TBS having the lead on government-wide policy and performance measurement.

The purpose of the Departmental Performance Report (DPR) is to report against the Report on Plans and Priorities (RPP).  The RPP outlines the program activities and related performance indicators as approved by the Treasury Board. The Treasury Board Secretariat is currently working on streamlining DPRs and RPPs with a view to reducing the amount of general operational data in order to improve the clarity and focus of these reports.  Therefore PWGSC will provide the following information in a separate report to the Public Accounts Committee in October 2008:

• number of government organizations using Secure Channel network services;
• number of ePass issued to businesses and Canadian individuals;
• number of secure channel transactions for each program government organizations make available online using the Secure Channel ePass service, number of programs which use ePass, number of secure channel ePass transactions processed and per transaction cost; and
• Secure Channel percent capacity use by Secure Channel service.

Note also, that in keeping with TBS practice, we will also link the above information report to the upcoming PWGSC DPR which will be posted on the TBS website following the tabling of this Government Response in the House of Commons.

The information report will be updated annually and linked to future PWGSC DPRs as long as a common security service solution continues to exist.

Recommendation 7

In its guidance to departments on the preparation of reports to Parliament, the Treasury Board Secretariat direct departments and agencies to provide financial and performance information on information technology projects expected to cost over $10 million, including original and current estimated total costs, costs incurred to date, the expected completion date, and the intended outcomes of the project.

The Government agrees in principle but suggests further analysis be conducted by the Treasury Board Secretariat  to determine whether another threshold or perhaps other criteria, such as risk and complexity, might be more effective in ensuring that Parliamentarians have insights into the projects that might concern them. 

Reports on Plans and Priorities are future planning documents that provide information on planned spending and expected results. Departmental Performance Reports provide performance information on actual spending and actual results achieved using the RPP as a baseline.  Together these two documents form Part III of the Estimates. Improving the quality of these reports is important and TBS is constantly working to address concerns raised by Parliamentarians.

One of the concerns raised by Parliamentarians on a number of occasions is that RPPs and DPRs have become too long, too bureaucratic and difficult to read. With this in mind, TBS has been working to streamline the content of RPPs and DPRs, while helping departments produce reports that assist parliamentarians in their consideration of Main Estimates and Supply.

The Government agrees that Parliamentarians should have the information they need to do their jobs.  Departments are already required to report on their Major Crown Projects (MCP), which are usually projects that exceed $100M but there are occasions where lower-value projects have been designated as MCPs.  The Government proposes to undertake analysis to identify the impact of a $10M threshold for reporting or whether another threshold, or perhaps other criteria should be proposed.  It is proposed that the results of this analysis and an implementation plan be provided to the Standing Committee on Public Accounts by 31 December 2008.